A firewall is a collection of software and hardware deployed between different networks or network security zones. Firewalls are used to protect a network area against attacks and intrusions from other network areas.

Firewalls can isolate and mitigate attacks, and can be deployed at the network border or used for subnet isolation. For example, they can be configured as an enterprise network egress, subnet isolation in a large-sized network, or DCN border to control access behavior in inbound and outbound traffic. Defense is the core attribute of firewalls.
Firewalls provide the following functions: filter traffic based on security policies, mitigate network attacks, implement NAT, establish a VPN between the local network and the remote network, and configure routing policies.